February 2006

Twelve barrels of the world’s most alcoholic whisky, or enough to wipe out a medium-size army, will be produced when the Bruichladdich distillery revives the ancient tradition of quadruple-distilling today. With an alcohol content of 92 per cent, the drink may not be the most delicate single malt ever produced but it is by far…

Read More Not Because It Is Easy, But Because We Can

In a recent post, “The Future Belongs To The Quants,” Chris suggests that risk mitigations must be quantifiable. My post “In The Future, Everyone Will Be Audited for 20 Years,” lists what the FTC is requiring for risk mitigation. It seems none of it is quantifiable. Chris? (Incidentally, I think this iptables…

Read More How Much Does A Firewall Reduce Your Risk?

There is no such thing as perfect security. This week, Arthur commented on “40 Million Pounds Sterling Stolen from British Bank.” Mistakes do happen, and it’s nice to see that not only did the M.D. Anderson Cancer Center ensure that their data was stored encrypted, they chose to notify people that it happened: The private…

Read More Analysis of University of Texas, 4,000 encrypted SSNs, Laptop

I’ve put together a small set of web pages containing links to current and pending legislation, breach listings, various on-line resources, and so on. There is probably not much there that is new to most readers of these words, but the fact that it is in one place may be helpful. The URL is http://www.cwalsh.org/BreachInfo/…

Read More Security Breach Resources

I’m looking for code that will parse the emails sent by online travel agencies and airlines. Ideally, it would be Python code that allows me to invoke something like itinerary.get_next_flight(msg) and get a dictionary of (to, from, airline, flight #, date), etc. Does such a library exist?

Read More Dear Lazyweb

Consulting firms are interesting beasts. Often, they are able to make great changes in their clients’ organizations, perhaps not so much because their people are smarter, or even more knowledgeable, but because they aren’t subject to the same incentives (pecuniary and otherwise) that client employees face.

Read More Leverage